<?php
	require_once( '../_config/base.inc.php' );

	use \dayscript\Application;
	use \dayscript\util\Debug;
	use \dayscript\util\Benchmark;
	use \dayscript\ErrorManager;
	use \dayscript\acl\Acl;
	use \dayscript\acl\role\ConcreteRole;
	use \dayscript\acl\resource\ConcreteResource;
	use \dayscript\datasource\DataSourceManager;
	
	Application::getInstance( array( BASE_DIR . '_config/tests.inc.php', BASE_DIR . '_config/database.inc.php' ) );
	ErrorManager::setUproarMode( true );
	
	require_once( 'MySQLPersistence.class.php' );
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
	<title>Gesti&oacute;n de Privilegios</title>
	<link rel="stylesheet" type="text/css" media="all" href="../_resources/styles.css" />
</head>
<body>
<pre>
<b>ACL:</b>
<?php
	$acl = Acl::getInstance();

	// Roles
	$guest = new ConcreteRole('guest');
	$staff = new ConcreteRole('staff');
	$editor = new ConcreteRole('editor');
	$administrator = new ConcreteRole('administrator');
	
	$acl->addRole($guest);
	$acl->addRole($staff, $guest);
	$acl->addRole($editor, $staff);
	$acl->addRole($administrator);
	
	// Resources
	$content = new ConcreteResource('content');
	$publicContent = new ConcreteResource('public_content');
	$privateContent = new ConcreteResource('private_content');
	
	$acl->add($content);
	$acl->add($publicContent, $content);
	$acl->add($privateContent, $content);
	
	// Guest may only view content
	$acl->allow($guest, $publicContent, Acl::VIEW);
	
	// Staff inherits view privilege from guest, but also needs additional
	// privileges
	$acl->allow($staff, $publicContent, array(Acl::EDIT, 'submit', 'revise'));
	$acl->allow($staff, $privateContent, Acl::VIEW);
	
	// Editor inherits view, edit, submit, and revise privileges from
	// staff, but also needs additional privileges
	$acl->allow($editor, $content, array('publish', 'archive', Acl::DELETE));
	
	// Administrator inherits nothing, but is allowed all privileges
	$acl->allow($administrator, $content);

	echo "Saving ACL...<br/>";
	
	$defaultDS = DataSourceManager::getDS();
	$persistence = new MysqlPersistence($defaultDS);
	$persistence->commit($acl);
	
	// Check some roles privilegies
	echo "Asking...<br/>";
	echo "Can guest view all content? " . ($acl->isAllowed($guest, $content, Acl::VIEW) ? "yes" : "no") . "<br/>";
	echo "Can guest view public content? " . ($acl->isAllowed($guest, $publicContent, Acl::VIEW) ? "yes" : "no") . "<br/>";
	echo "Can staff submit public content? " . ($acl->isAllowed($staff, $publicContent, 'submit') ? "yes" : "no") . "<br/>";
	echo "Can editor edit private content? " . ($acl->isAllowed($editor, $privateContent, Acl::EDIT) ? "yes" : "no") . "<br/>";
	echo "Can administrator edit all content? " . ($acl->isAllowed($administrator, $content, Acl::EDIT) ? "off course" : ":| what??") . "<br/>";
?>
<br/>
<b>Benchmark:</b><?php echo Benchmark::getInstance( ) ?>
</pre>
</body>
</html>